Security Consultant

At LRQA our focus has always been on excellence in cyber security. We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides!

We’re an award-winning provider of cyber security services and we’re at a very exciting stage of development. We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced. LRQA will be at the forefront of this arena and we want to seek the right people to join the team and make it happen.

You can find out more about us at https://www.lrqa.com/en-us/cyber-security-services/.

There is a new, exciting opportunity for a Security Consultant to join LRQA’s existing dynamic Global Penetration Testing Team.

Our security consultants are responsible for leading and delivering their own penetration testing security engagements with our clients. This includes the full lifecycle of an engagement from kick off call, testing, report creation, report delivery to debrief.

This role is hybrid working and will involve working on client site from time to time. We can support working from across Malaysia, but the office is in Kuala Lumpur. All applicants will require residence in Malaysia.

In your role you will:

• Deliver penetration testing against a wide variety of systems. This is the core of the role.
• Perform engagement kick off calls, wrap up calls, email responses and debriefs for each penetration test you deliver.
• Write full and thorough reports for each engagement that show thoughtfulness and constant improvement, incorporating feedback from quality assurance reviews.
• Assist in penetration testing presales activities, providing technical assessment of scope, principal security concerns and testing methodology to the Account Manager.
• Develop client relationships and ensure LRQA always delivers professional consultative style engagements.
• If relevant, provide technical analysis of current IT Security related events.
• Be a continuous learner, keeping up to date on a wide variety of IT Security related skills and industry knowledge.
• Mentor less experienced security consultants where appropriate.

There are no fixed set of skills required to be a successful candidate. However, the successful candidate will demonstrate at least some of the following:

• Penetration testing experience.
• You should be very confident with at least one of the following: web application, infrastructure, or mobile application penetration testing.
• You love getting involved in deep technical challenges, while at the same time being able to abstract and explain the most complex issues to a C level executive.
• An ability to teach and mentor other members of the team is a distinct advantage; it’s part of what makes us LRQA!
• You code open-source tools, contribute to security blogs, or participate in CTFs.
• A passion for cyber, a thirst for knowledge and a constant desire to push yourself to the max.
• In depth knowledge and understanding of applications and networking.
• A background in Information Technology, such as development, networking, system administration is an advantage.
• A specialisation is a distinct advantage, such as cloud penetration testing skills, exploit development, reverse engineering etc.

We are flexible on certifications, based on your capabilities and experience. We’re not looking for badge collectors; we look far deeper than that. However, one or more of the following will serve as a distinct advantage:

• A BSc degree in a (or equivalent) in a technical discipline.
• CREST Registered Tester or CREST Certified Tester.
• Offensive Security certifications, e.g. OSCP.
• AWS Security Specialty / Azure AZ-500.
• CSK / CCSP / CISSP
• Any other relevant penetration testing or IT certification.

We have industry leading levels of employee retention, and for good reason; we’re the kind of place that no one wants to leave! Our cyber unit includes the full spectrum of services from SOC analysis and Incident Response through Penetration Testing, Adversarial Simulation (Red Teaming) and Threat Intelligence. There are always people available to help you and always more to learn.

We push ourselves to be excellent, so if you’re the kind of person who loves deep technical challenges and a fantastic work environment, we welcome your interest. Please do visit our website to understand more about how we develop our people, work on cutting edge engagement and offer multiple career progression paths.

We offer you an exciting working environment with intellectual challenges, responsibility, and high-level client interaction. An attractive package is available for the right candidate.

Are you interested in this job? Apply now via the ‘apply’ button and upload your resume and cover letter.